A year into President Donald Trump’s second term, a rare bipartisan consensus has emerged in Washington and across the cybersecurity industry: the Cybersecurity and Infrastructure Security Agency (CISA) is struggling.
Current and former officials, lawmakers from both parties, and private-sector partners say the nation’s lead civilian cyber defense agency has been significantly diminished after losing roughly one-third of its workforce and scaling back key programs.
Descriptions from those familiar with the agency range from “decimated” to “fallen apart,” with concerns mounting about whether CISA can effectively respond to a large-scale cyber crisis.
Personnel Losses and Program Cuts
Since early 2025, CISA has shed veteran staff, reassigned personnel within the Department of Homeland Security (DHS), and eliminated entire teams. Divisions focused on election security and international coordination have been curtailed or closed, while funding for certain information-sharing centers serving state and local governments has lapsed or been reduced.
Industry representatives say the cuts have disrupted long-standing relationships that once enabled rapid collaboration during ransomware outbreaks and critical infrastructure threats.
“There are fewer touchpoints, fewer briefings, fewer problem-solving calls,” said Errol Weiss, chief security officer at Health-ISAC, reflecting a broader perception among industry partners that CISA’s engagement has declined.
Former officials also point to diminished staffing in flagship initiatives such as secure-by-design software efforts and implementation of the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), legislation intended to strengthen federal visibility into cyber threats.
Political Tensions and Leadership Vacuum
CISA’s challenges are unfolding amid political friction dating back to the 2020 election, when the agency publicly contradicted claims of widespread voter fraud. Critics argue the fallout has contributed to shifting priorities within the administration.
House Homeland Security Committee Chairman Andrew Garbarino acknowledged the agency endured a difficult first year of the new term, noting that many “best and brightest” employees have departed. Rep. Bennie Thompson, the panel’s top Democrat, said budget reductions have weakened CISA’s manpower and operational reach.
Compounding the uncertainty is the Senate’s delay in confirming Sean Plankey as permanent director. In the absence of a Senate-confirmed leader, CISA has been led by acting director Madhu Gottumukkala, whose tenure has drawn criticism from lawmakers and industry sources alike.
Some critics have questioned Gottumukkala’s leadership amid reports of internal turmoil and controversies, though DHS officials have defended his efforts to refocus the agency on its core statutory mission.
Capacity Concerns in a High-Threat Environment
Cybersecurity experts warn that the staffing reductions could hamper CISA’s ability to coordinate during a national emergency, particularly as threats from ransomware groups and nation-state actors continue to rise.
Former officials describe a “lack of capacity” in regional offices, where personnel once cultivated trust with state governments and critical infrastructure operators. Without those connections, some fear response times and coordination could suffer during a major cyberattack.
James Lewis of the Center for European Policy Analysis characterized the agency as “a much weaker entity” than it was a year ago, noting that its influence historically stemmed from its ability to convene stakeholders and disseminate timely threat information.
Others worry about preparedness in the event of a geopolitical escalation involving China or another adversary targeting U.S. infrastructure.
Bright Spots and Path Forward
Despite the criticism, some observers say CISA retains strong technical talent and continues to issue public alerts on vulnerabilities and threats. Supporters argue the agency is refocusing on federal network protection and reducing redundancies that had grown during its rapid expansion after its creation in 2018.
Advocates also point to the potential confirmation of a permanent director as a key step toward restoring stability and morale. A Senate-confirmed leader, lawmakers say, would help CISA reassert its role in high-level national security discussions.
Rebuilding the workforce may prove challenging. Federal hiring constraints, morale issues, and broader skepticism about government service could complicate recruitment of top cybersecurity professionals.
Still, many agree that CISA remains essential to protecting critical infrastructure and coordinating national cyber defense.
“The agency still has value in areas only the federal government can provide,” Weiss said, citing national-level visibility and cross-sector coordination. “The question is whether it can regain the capacity it once had.”
As cyber threats evolve, the debate over CISA’s direction underscores a broader challenge: balancing reform and accountability while ensuring the United States remains prepared for the next digital crisis.
